1

I am using PrincipalContext (from the System.DirectoryServices.AccountManagement namespace) for authentication in my application against Active Directory (I am using the ValidateCredentials function).

The authentication works fine, when I am resetting a user password in Active Directory and forcing him to change password in the next login I can’t authenticate the user.

I tried to change the way that I am doing authentication, I used LdapConnection (namespace System.DirectoryServices.Protocols), authentication worked ok, when I reset the user password and force the user to change password in the next login, I can't authenticate this user, if I am only resetting the password and not forcing the user to change password at the next login, I can authenticate the user.

I tested the same scenario with a different active directory and it worked in all scenarios.

Is it possible that Active Directory is preventing me from authenticate through code, when user must change password in the next login flag is true ?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
user3698547
  • 45
  • 4

1 Answers1

0

You've answered your own question really, when "User must change password at next logon" is set in active directory, the user can only authenticate interactively from the Windows UI in order to set a new password, they cannot be authenticated in the way you require.

If you wanted to get it working you would need to add functionality to your application to detected when a user much change their password and provide means to do so prior to authentication. This would require handling of expired passwords as well as instances where changing the password was forced in the way you describe.

Ashigore
  • 4,618
  • 1
  • 19
  • 39
  • thanks for the reply , so my question is why its working in one active directory ant doesn't working the other one , what to i need to configure in my AD ,so i will be able to authenticate a user from code when the "User must change password at next logon" is set true ? – user3698547 Jun 05 '14 at 06:59